Top global security exports defend encryption

Security experts have published a paper arguing that allowing government agents special access to communications would have detrimental effects

As government officials continue to plea the case against strong encryption, a group of high-profile international security experts have published a paper arguing that allowing government agents special access to communications would have detrimental effects on personal privacy, enterprise security, and our national economy.

"In the long run, what would help law enforcement and make us secure is that we do the best we can to make the infrastructure as secure as possible," said Hal Abelson, the lead author on the paper. "The calls for adding exceptional access -- whether front doors or back doors -- are going in the opposite direction."

Abelson, who is a well-known professor of computer science and engineering at MIT, is also a founding director of Creative Commons and Public Knowledge, and a director of the Center for Democracy and Technology.

He added, however, that government officials have not released any details about what they would like to see happen.

"The devil is in the details," he said.

For example, he said, if a vendor must give government agents access to customer communications, then that means that the vendor themselves has that access.

"If you knew that Apple has access to all of your communications, would you use that if you were Microsoft?" he asked.

Vendors would prefer to have as little ability to access customer information as possible, he said.

For example, keys to encrypted communications are typically destroyed automatically after every interchange, he said.

But that means that there's no way for law enforcement to get at this data, either, he said.

"This is a very complicated issue and it's not going to go away," he said.

FBI Director James Comey called it "Going Dark."

"Changing forms of Internet communication are quickly outpacing laws and technology designed to allow for the lawful intercept of communication content," he told the Senate Intelligence Committee Wednesday.

Terrorist groups such as ISIL are using modern communications methods, he said -- but the laws haven't kept up.

For example, traditional telephone companies are required to have the capability to provide wire taps to law enforcement, but there's no such requirement on Internet technology companies.

"Such services can be developed and deployed without any ability for law enforcement to collect information critical to criminal and national security investigations and prosecutions," he said.

In addressing the Senate Judiciary Committee that same day, Comey went even further, saying that there were more and more criminal cases relying on data stored on computers or mobile devices -- and that strong encryption would hinder prosecution in these cases.

"If we cannot access this evidence, it will have ongoing, significant impacts on our ability to identify, stop, and prosecute these offenders," he said.

You cannot have a backdoor that only the 'good guys' can use, it will be exploited by the bad guys.

Richard Blech, CEO at Secure Channels

Comey stopped short of making any concrete proposals, but urged for more discussion of how "encryption as currently implemented poses real barriers to law enforcement’s ability to seek information in specific cases of possible national security threat."

The government is between a rock and a hard place, said Richard Blech, CEO at Secure Channels.

"You cannot have a backdoor that only the 'good guys' can use, it will be exploited by the bad guys," he said.